Mercurial > notdcc
view include/dcc_ck.h @ 0:c7f6b056b673
First import of vendor version
author | Peter Gervai <grin@grin.hu> |
---|---|
date | Tue, 10 Mar 2009 13:49:58 +0100 |
parents | |
children |
line wrap: on
line source
/* Distributed Checksum Clearinghouse * * checksum routines * * Copyright (c) 2008 by Rhyolite Software, LLC * * This agreement is not applicable to any entity which sells anti-spam * solutions to others or provides an anti-spam solution as part of a * security solution sold to other entities, or to a private network * which employs the DCC or uses data provided by operation of the DCC * but does not provide corresponding data to other users. * * Permission to use, copy, modify, and distribute this software without * changes for any purpose with or without fee is hereby granted, provided * that the above copyright notice and this permission notice appear in all * copies and any distributed versions or copies are either unchanged * or not called anything similar to "DCC" or "Distributed Checksum * Clearinghouse". * * Parties not eligible to receive a license under this agreement can * obtain a commercial license to use DCC by contacting Rhyolite Software * at sales@rhyolite.com. * * A commercial license would be for Distributed Checksum and Reputation * Clearinghouse software. That software includes additional features. This * free license for Distributed ChecksumClearinghouse Software does not in any * way grant permision to use Distributed Checksum and Reputation Clearinghouse * software * * THE SOFTWARE IS PROVIDED "AS IS" AND RHYOLITE SOFTWARE, LLC DISCLAIMS ALL * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL RHYOLITE SOFTWARE, LLC * BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES * OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, * WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, * ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS * SOFTWARE. * * Rhyolite Software DCC 1.3.103-1.182 $Revision$ */ #ifndef DCC_CK_H #define DCC_CK_H #include "dcc_clnt.h" #include "dcc_md5.h" typedef DCC_TGTS DCC_CKSUM_THOLDS[DCC_DIM_CKS]; #define DCC_THOLD_NEVER (DCC_TGTS_TOO_MANY+1) #define DCC_THOLD_UNSET (DCC_TGTS_INVALID) extern DCC_CKSUM_THOLDS dcc_tholds_rej; /* MIME boundary * RFC 1341 says boundaries can be 70 bytes, but handle non-conformant spam */ #define DCC_CK_BND_MAX 94 #define DCC_CK_BND_DIM (DCC_CK_BND_MAX+2) /* including leading -- */ #define DCC_CK_BND_MISS (DCC_CK_BND_DIM+1) typedef struct { u_char bnd_len; /* length including leading "--" */ u_char cmp_len; /* compared so far */ char bnd[DCC_CK_BND_DIM]; /* "--"boundary */ } DCC_CK_BND; typedef u_char DCC_CK_FC[256]; extern const DCC_CK_FC dcc_cset_1, dcc_cset_2; /* state machine for ignoring parts of URLs */ typedef struct { enum { DCC_URL_ST_IDLE, /* waiting for H or = */ DCC_URL_ST_QUOTE, /* " " '"' or 'H' after = */ DCC_URL_ST_QH, /* " " H after quote */ DCC_URL_ST_T1, /* " " T */ DCC_URL_ST_T2, /* " " T */ DCC_URL_ST_P, /* " " P */ DCC_URL_ST_S, /* " " [S] */ DCC_URL_ST_COLON, /* " " : */ DCC_URL_ST_SLASH1, /* " " / */ DCC_URL_ST_SLASH2, /* " " / */ DCC_URL_ST_SLASH3_START, DCC_URL_ST_SLASH3, /* " " third / */ DCC_URL_ST_SKIP /* skipping rest of URL */ } st; char *start; /* start of hostname in URL */ char *dot; /* last '.' in hostname */ int total; /* length of URL */ u_char flags; # define DCC_URL_QUOTED 0x01 # define DCC_URL_DEL_DOMAIN 0x02 /* waiting for domain to delete */ # define DCC_URL_PERCENT1 0x04 /* waiting for 1st digit after % */ # define DCC_URL_PERCENT2 0x08 /* waiting for 2nd digit after % */ # define DCC_URL_SQUOTED 0x10 /* single quoted (') URL */ # define DCC_URL_DQUOTED 0x20 /* double quoted (") URL */ # define DCC_URL_QUOTES (DCC_URL_DQUOTED | DCC_URL_SQUOTED) # define DCC_URL_SIMPLE (DCC_URL_DEL_DOMAIN \ | DCC_URL_PERCENT1 \ | DCC_URL_PERCENT2) u_char percent; } DCC_URL_SKIP; #define DCC_URL_MAX 65 /* 63 is RFC 1034 limit on labels */ #define DCC_URL_FAILSAFE 2000 /* big bogus "username:password@" */ /* a template for generating a reply to an SMTP command */ typedef enum { REPLY_TPLT_NULL, REPLY_TPLT_ID, /* queue ID for sendmail, fake for dccifd */ REPLY_TPLT_CIP, /* SMTP client IP address */ REPLY_TPLT_BTYPE, /* type of DNSBL hit */ REPLY_TPLT_BTGT, /* DNSBL hit IP address or name */ REPLY_TPLT_BPROBE, /* DNSBL probe domain name */ REPLY_TPLT_BRESULT /* DNSBL probe result */ } REPLY_TPLT_ARGS; typedef struct { const char *log_result; /* "reject" etc. for log */ # define NUM_REPLY_TPLT_ARGS 6 REPLY_TPLT_ARGS args[NUM_REPLY_TPLT_ARGS]; char rcode[sizeof("5yz")]; char xcode[sizeof("1.2.3")]; u_char is_pat; /* template has %s references */ # define REPLY_BUF_LEN 256 char pat[REPLY_BUF_LEN]; /* pattern for SMTP message */ } REPLY_TPLT; /* specify a DNS blacklist */ typedef struct { char c[DCC_MAXDOMAINLEN]; /* null terminated */ } DNSBL_DOM; typedef u_char DNSBL_FGS; #define DNSBL_FG_DUP 0x01 /* duplicate blacklist */ #define DNSBL_FG_TIMEO 0x02 /* suffered a timeout */ #define DNSBL_FG_TFAIL 0x04 /* want SMTP failure on timeout */ #define DNSBL_FG_CLIENT 0x08 /* check client IP address */ #define DNSBL_FG_MAIL_HOST 0x10 /* check env_from domain */ #define DNSBL_FG_URL 0x20 /* check URLs in message body */ #define DNSBL_FG_MX 0x40 /* MX for _URL & _MAIL_HOST */ #define DNSBL_FG_NS 0x80 /* NS for _URL & _MAIL_HOST */ # define DNSBL_FG_HITS (DNSBL_FG_CLIENT | DNSBL_FG_MAIL_HOST | DNSBL_FG_URL) # define DNSBL_FG_TYPES (DNSBL_FG_HITS | DNSBL_FG_MX | DNSBL_FG_NS) # define DNSBL_FG_DEFAULT DNSBL_FG_TYPES typedef enum DNSBL_TYPE { DNSBL_TYPE_IPV4, DNSBL_TYPE_IPV6, DNSBL_TYPE_NAME } DNSBL_TYPE; #define MAX_DNSBL_GROUPS 3 typedef u_char DNSBL_GBITS; #define DNSBL_G2B(n) ((1<<(n)) & ((2<<MAX_DNSBL_GROUPS)-1)) typedef struct dnsbl { struct dnsbl *fwd; struct dnsbl *dup; /* same except result */ u_char group; /* 1-indexed */ struct in6_addr tgt; /* hit if DNSBL matches this block */ struct in6_addr tgt_mask; u_char tgt_use_ipv6; /* ipv4 vs. ipv6 result weighting */ DNSBL_TYPE bl_type; int bl_num; int bl_dom_len; DNSBL_DOM bl_dom; const REPLY_TPLT *reply; DNSBL_FGS fgs; } DNSBL; /* working storage for one set of DNSBLs */ typedef struct { DNSBL_FGS fgs; /* kind of DNSBL hit */ const char *btype; /* type of hit string */ const DNSBL *dnsbl; /* hit DNSBL */ char btype_buf[64]; char result[DCC_SU2STR_SIZE]; /* IP address found in DNSBL */ DNSBL_DOM tgt; /* IP address or name sought in DNSBL */ DNSBL_DOM probe; /* what was actually looked up */ } DNSBL_GROUP; /* working storage for all DNSBLs */ typedef struct { DNSBL_DOM dom; /* domain name */ struct in6_addr addr; /* and/or IP address sought in DNSBL */ } DNSBL_TGT; typedef struct { DNSBL_GBITS all; DNSBL_GBITS client; DNSBL_GBITS mail_host; DNSBL_GBITS mail_host_ns; DNSBL_GBITS mail_host_mx; DNSBL_GBITS url; DNSBL_GBITS url_ns; DNSBL_GBITS url_mx; } DNSBL_UNHIT; typedef struct { DCC_CLNT_CTXT *dcc_ctxt; void *log_ctxt; const char *id; time_t msg_us; /* microseconds remaining for msg */ struct timeval url_start; time_t url_us; /* microseconds to look up URL */ time_t url_us_used; DNSBL_UNHIT unhit; /* groups of DNSBLs not yet hit */ u_short tgt_dom_len; DNSBL_TGT tgt; struct { DNSBL_DOM dom; } tgt_cache[8]; int tgt_cache_pos; DNSBL_GROUP groups[MAX_DNSBL_GROUPS]; } DNSBL_WORK; extern DNSBL *dnsbls; extern u_char have_dnsbl_groups; extern u_char have_helpers; extern DCC_PATH dnsbl_progpath; /* accumulated checksums for an SMTP message */ typedef struct { const char *hdr_nm; /* name if substitute checksum */ DCC_TGTS tgts; /* server's answer or previous total */ DCC_CK_TYPE_B type; u_char rpt2srvr; /* 1=report to server */ DCC_SUM sum; } DCC_GOT_SUM; #define CLR_GOT_SUM(g) ((g)->hdr_nm = 0, (g)->tgts = DCC_TGTS_INVALID, \ (g)->type = DCC_CK_INVALID, (g)->rpt2srvr = 0) typedef union { u_int32_t w32[4]; u_char b[16]; } DCC_FUZ2_WORD; #define DCC_FUZ2_WORD_CLEAR(_w) ((_w)->w32[0]=0, (_w)->w32[1]=0, \ (_w)->w32[2]=0, (_w)->w32[3]=0) typedef struct { DCC_URL_SKIP url; u_int total; /* bytes */ char *cp; /* end of data in buffer */ char *eol; /* most recent eol */ # define DCC_FUZ1_MAX_LINE 78 # define DCC_HTTPS_STR "https" # define DCC_HTTPS_LEN LITZ(DCC_HTTPS_STR) char buf[DCC_FUZ1_MAX_LINE*4 +DCC_HTTPS_LEN]; MD5_CTX md5; } DCC_CTX_FUZ1; typedef struct { /* per-language counts */ u_int wsummed; /* bytes of words summed */ u_int wtotal; /* words summed */ MD5_CTX md5; } FUZ2_LANG; typedef struct { u_int btotal; /* total non-whitespace bytes seen */ u_int xsummed; /* non-word bytes checksummed */ u_int wlen; /* length of current word */ u_int cref_cnt; /* fancy character length */ u_int tag_len; /* HTML tag length */ DCC_FUZ2_WORD w; DCC_FUZ2_WORD cref_w; DCC_FUZ2_WORD tag; int urls; /* # of URLs seen */ char *url_cp; /* accumulated URLs */ # define DCC_FUZ2_URL_MAX (1+DCC_URL_MAX) char url_buf[DCC_FUZ2_URL_MAX*2]; DCC_URL_SKIP url; /* state machine for skipping URLs */ enum { DCC_CREF_ST_IDLE = 0, DCC_CREF_ST_START, /* get HTML character reference */ DCC_CREF_ST_NUM, /* hex or decimal */ DCC_CREF_ST_DEC, DCC_CREF_ST_HEX, DCC_CREF_ST_NAME } cref_st; enum { DCC_FUZ2_ST_WORD = 0, /* gathering word */ DCC_FUZ2_ST_START_TAG, /* gathering start of HTML tag */ DCC_FUZ2_ST_SKIP_TAG, /* skipping HTML tag */ DCC_FUZ2_ST_SKIP_COMMENT /* skipping HTML comment */ } st; # define FUZ2_LAN_NUM 3 FUZ2_LANG lang[FUZ2_LAN_NUM]; } DCC_CTX_FUZ2; /* The maximum length of a checksumed HELO value and the continuation string * need to be the same for all users of the local white-/blacklist */ #define DCC_HELO_MAX (DCC_MAXDOMAINLEN+8) #define DCC_HELO_CONT "..." /* local-part maximum in RFC 2821 */ #define DCC_LOCAL_PART_MAX 64 #define DCC_ENV_FROM_MAX (DCC_LOCAL_PART_MAX+DCC_MAXDOMAINLEN) #define DCC_MSG_ID_LEN 24 /* do not checksum more than this much of a header line */ #define DCC_HDR_CK_MAX 1024 /* substitute or locally configured checksums */ #define DCC_MAX_SUB_CKS 6 #define DCC_WSUMS (DCC_DIM_CKS+DCC_MAX_SUB_CKS) /* max whitelist checksums */ typedef struct { DCC_GOT_SUM sums[DCC_WSUMS]; struct in6_addr ip_addr; /* SMTP client IP address */ struct { /* quoted-printable state machine */ int x; int y; u_char n; enum { DCC_CK_QP_IDLE, /* waiting for '=' */ DCC_CK_QP_EQ, /* seen "=" */ DCC_CK_QP_1, /* seen "=X" of "=XY" */ DCC_CK_QP_FAIL1, /* have output '=' after bad =X */ DCC_CK_QP_FAIL2, /* have output '=' after bad =XY */ DCC_CK_QP_FAIL3 /* have output 'X' after bad =XY */ } state; } qp; struct { /* base64 state machine */ u_int32_t quantum; int quantum_cnt; } b64; enum { CK_MP_ST_PREAMBLE, /* preamble before first boundary */ CK_MP_ST_BND, /* MIME boundary */ CK_MP_ST_HDRS, /* headers after a boundary */ CK_MP_ST_TEXT, /* body or entity */ CK_MP_ST_EPILOGUE /* text after last boundary */ } mp_st; enum CK_MHDR_ST { /* parse entity fields */ CK_MHDR_ST_IDLE, CK_MHDR_ST_CE_CT, /* matching "Content-T" */ CK_MHDR_ST_CE, /* "ransfer-Encoding:" */ CK_MHDR_ST_CE_WS, /* white space after "encoding:" */ CK_MHDR_ST_CT, /* "ype:" */ CK_MHDR_ST_CT_WS, /* white space after "type:" */ CK_MHDR_ST_QP, /* "quoted-printable" */ CK_MHDR_ST_B64, /* "base64" */ CK_MHDR_ST_TEXT, /* "text" */ CK_MHDR_ST_HTML, /* "/html" */ CK_MHDR_ST_CSET_SKIP_PARAM, /* skip to ";" after "text" */ CK_MHDR_ST_CSET_SPAN_WS, /* skip blanks before "charset" */ CK_MHDR_ST_CSET, /* match "charset=" */ CK_MHDR_ST_CSET_ISO_8859, /* "ISO-8859-" */ CK_MHDR_ST_CSET_ISO_X, /* find the 8859 type number */ CK_MHDR_ST_MULTIPART, /* match "multipart" */ CK_MHDR_ST_BND_SKIP_PARAM, /* skip "/alternative;" or similar */ CK_MHDR_ST_BND_SPAN_WS, /* skip whitespace before "boundary" */ CK_MHDR_ST_BND, /* match "boundary=" */ CK_MHDR_ST_BND_VALUE /* collecting boundary */ } mhdr_st; u_char mhdr_pos; u_char mime_nest; /* # of nested MIME entities */ u_char mime_bnd_matches; /* # of active boundary matches */ DCC_CK_BND mime_bnd[3]; enum { DCC_CK_CT_TEXT = 0, DCC_CK_CT_HTML, DCC_CK_CT_BINARY } mime_ct; const u_char *mime_cset; enum { DCC_CK_CE_ASCII = 0, DCC_CK_CE_QP, DCC_CK_CE_B64 } mime_ce; struct { u_int total; /* non-whitespace text */ u_char flen; /* bytes of ">From" seen */ MD5_CTX md5; } ctx_body; DCC_CTX_FUZ1 fuz1; DCC_CTX_FUZ2 fuz2; DNSBL_WORK *dnsbl; /* pointer to malloc()'ed state */ DCC_CKSUM_THOLDS tholds_rej; u_char flags; # define DCC_CKS_MIME_BOL 0x01 /* header decoder is at BOL */ # define DCC_CKS_MIME_QUOTED 0x02 /* quoted boundary */ } DCC_GOT_CKS; typedef DCC_TGTS DCC_CKS_WTGTS[DCC_WSUMS]; /* sscanf() a checksum */ #define DCC_CKSUM_HEX_PAT "%8x %8x %8x %8x" /* whiteclnt files */ #define DCC_WHITE_SUFFIX ".dccw" #define DCC_WHITE_NEW_SUFFIX ".dccx" /* hash table under construction */ typedef char DCC_WHITE_MAGIC[128]; #define WHITE_MAGIC_B_STR "DCC client whitelist hash table version " #define WHITE_MAGIC_V_STR "23" typedef struct { DCC_TGTS tgts; int bits; struct in6_addr addr; struct in6_addr mask; u_short lno; u_char fno; } DCC_WHITE_CIDR_ENTRY; typedef struct { u_char len; # define WHITE_CIDR_MAX_ENTRIES 64 DCC_WHITE_CIDR_ENTRY e[WHITE_CIDR_MAX_ENTRIES]; } DCC_WHITE_CIDR; typedef u_int DCC_WHITE_INX; /* 1-based index into hash table */ typedef struct { DCC_WHITE_INX fwd; DCC_TGTS tgts; u_short lno; u_char fno; DCC_CK_TYPE_B type; DCC_SUM sum; } DCC_WHITE_ENTRY; #ifdef DCC_WIN32 #define DCC_WHITE_TBL_BINS 521 /* should be prime */ #else #define DCC_WHITE_TBL_BINS 8209 /* should be prime */ #endif typedef u_int DCC_WHITE_FGS; typedef struct { DCC_WHITE_MAGIC magic; /* WHITE_MAGIC_* in ckwhite.c */ struct { DCC_WHITE_INX entries; /* # of entries in the file */ DCC_WHITE_FGS flags; # define DCC_WHITE_FG_PER_USER 0x00000001 # define DCC_WHITE_FG_HOSTNAMES 0x00000002 /* have some */ # define DCC_WHITE_FG_GREY_LOG_ON 0x00000004 # define DCC_WHITE_FG_GREY_LOG_OFF 0x00000008 # define DCC_WHITE_FG_GREY_ON 0x00000010 # define DCC_WHITE_FG_GREY_OFF 0x00000020 # define DCC_WHITE_FG_LOG_ALL 0x00000040 # define DCC_WHITE_FG_LOG_NORMAL 0x00000080 # define DCC_WHITE_FG_DISCARD_OK 0x00000100 # define DCC_WHITE_FG_NO_DISCARD 0x00000200 # define DCC_WHITE_FG_DCC_ON 0x00000400 # define DCC_WHITE_FG_DCC_OFF 0x00000800 # define DCC_WHITE_FG_REP_ON 0x00001000 # define DCC_WHITE_FG_REP_OFF 0x00002000 # define DCC_WHITE_FG_MTA_FIRST 0x00004000 # define DCC_WHITE_FG_MTA_LAST 0x00008000 # define DCC_WHITE_FG_LOG_D 0x00010000 # define DCC_WHITE_FG_LOG_H 0x00020000 # define DCC_WHITE_FG_LOG_M 0x00040000 # define DCC_WHITE_FG_TRAP_ACC 0x00080000 /* spam trap */ # define DCC_WHITE_FG_TRAP_REJ 0x00100000 /* spam trap */ # define DCC_WHITE_FG_TRAPS (DCC_WHITE_FG_TRAP_ACC \ | DCC_WHITE_FG_TRAP_REJ) # define DCC_WHITE_FG_DNSBL_ON(n) (0x00200000*DNSBL_G2B(n)) # define DCC_WHITE_FG_DNSBL_ON_M 0x00e00000 # define DCC_WHITE_FG_DNSBL_OFF(n) (0x01000000*DNSBL_G2B(n)) # define DCC_WHITE_FG_DNSBL_OFF_M 0x07000000 time_t reparse; /* re-parse after this */ time_t broken; /* serious broken until then */ time_t ascii_mtime; /* ASCII file mtime at last parsing */ struct { /* included files */ time_t mtime; DCC_PATH nm; } white_incs[8]; DCC_CKSUM_THOLDS tholds_rej; DCC_SUM ck_sum; /* checksum of following contents */ DCC_WHITE_CIDR cidr; } hdr; DCC_WHITE_INX bins[DCC_WHITE_TBL_BINS]; /* 1-based indeces or 0 for empty */ DCC_WHITE_ENTRY tbl[1]; } DCC_WHITE_TBL; /* a ASCII whiteclnt file (including the files it includes) can be * OK * unreadable or otherwise badly broken * missing * if permanent, the hash table should be removed, but * it might be temporary as an editor changes it * a hash table can be * OK * out of date compared to the ASCII file(s) * badly broken but not removable (e.g. bad directory permissions). * * Do not stat() the files iand so do not complain on every message by * using wf->next_stat_time * Avoid generating a complaint on every error message using wf->broken * Reparse ASCII files with errors using wf->reparse or when their mtimes * change, but not more often than we use stat() to check mtimes.. * Reparse the main ASCII file if it contains host names by noticing the * DCC_WHITE_FG_HOSTNAMES bit and that the mtime of the hash table is * more than DCC_WHITECLNT_RESOLVE seconds old */ #define DCC_WHITE_REPARSE_DELAY (30*60) /* look for new DNS values */ #define DCC_WHITE_BROKEN_DELAY (5*60) /* do not complain more often */ #define DCC_WHITE_STAT_DELAY 10 /* don't stat() more often */ /* computed from DCC_WHITE_FGS */ typedef u_int32_t FLTR_SWS; #define FLTR_SW_SET 0x00000001 #define FLTR_SW_NO_DISCARD 0x00000002 /* always reject spam */ #define FLTR_SW_DCC_OFF 0x00000004 /* no DCC check */ #define FLTR_SW_REP_ON 0x00000008 /* honor DCC reputation */ #define FLTR_SW_LOG_ALL 0x00000010 #define FLTR_SW_GREY_OFF 0x00000020 /* greylisting off */ #define FLTR_SW_GREY_LOG_OFF 0x00000040 /* log greylist embargos */ #define FLTR_SW_LOG_D 0x00000080 #define FLTR_SW_LOG_H 0x00000100 #define FLTR_SW_LOG_M 0x00000200 #define FLTR_SW_MTA_FIRST 0x00000400 /* MTA IS/NOTSPAM checked first */ #define FLTR_SW_TRAP_ACC 0x00000800 /* accepting spam trap */ #define FLTR_SW_TRAP_REJ 0x00001000 /* rejecting spam trap */ # define FLTR_SW_TRAPS (FLTR_SW_TRAP_ACC | FLTR_SW_TRAP_REJ) #define FLTR_SW_DNSBL(n) (0x00002000*DNSBL_G2B(n)) /* check DNSBL */ # define FLTR_SW_DNSBL_M 0x0000e000 # define FLTR_SW_DNSBL_BITS(sws) (((sws)&FLTR_SW_DNSBL_M) \ / FLTR_SW_DNSBL(0)) /* bits set to enable something */ #define FLTR_SWS_SETTINGS_ON (FLTR_SW_REP_ON \ | FLTR_SW_LOG_ALL \ | FLTR_SW_MTA_FIRST \ | FLTR_SW_DNSBL_M \ | FLTR_SW_TRAPS) /* bits set to disable something */ #define FLTR_SWS_SETTINGS_OFF (FLTR_SW_DCC_OFF \ | FLTR_SW_NO_DISCARD \ | FLTR_SW_TRAP_REJ \ | FLTR_SW_GREY_OFF \ | FLTR_SW_GREY_LOG_OFF) /* get bits of enabled FILTERS */ #define FLTR_SWS_ON(sws) (((sws) ^ FLTR_SW_DCC_OFF) \ & (FLTR_SW_DCC_OFF \ | FLTR_SW_REP_ON \ | FLTR_SW_DNSBL_M \ | FLTR_SW_TRAP_REJ)) /* everything there is to know about a currently active whitelist file */ typedef struct { DCC_WHITE_TBL *wtbl; int ht_fd; /* hash table file */ struct stat ht_sb; DCC_WHITE_FGS wtbl_flags; u_int wtbl_entries; /* # of entries mapped window */ u_int wtbl_size; /* bytes in mapped window */ time_t next_stat_time; time_t reparse; /* when to re-parse file */ time_t broken; /* something very sick until then */ #ifdef DCC_WIN32 HANDLE ht_map; /* WIN32 hash table map handle */ #endif u_int ascii_nm_len; DCC_PATH ascii_nm; DCC_PATH ht_nm; int fno, lno; /* currently being parsed */ u_char wf_flags; # define DCC_WF_PER_USER 0x01 /* hostnames not allowed */ # define DCC_WF_NOFILE 0x02 /* no whiteclnt file */ # define DCC_WF_EITHER 0x04 /* either global or per-user ok */ # define DCC_WF_RO 0x08 /* read only access */ # define DCC_WF_WLIST 0x10 /* wlist command */ # define DCC_WF_WLIST_RO 0x20 /* read-only wlist command */ # define DCC_WF_WLIST_RW 0x40 /* read/write wlist command */ u_char closed; u_char need_reopen; /* lock-safe change flag */ } DCC_WF; extern DCC_WF cmn_wf, cmn_tmp_wf; typedef enum { /* greylist result */ ASK_GREY_FAIL, /* greylist server or other failure */ ASK_GREY_OFF, /* client whitelist or blacklist */ ASK_GREY_EMBARGO, ASK_GREY_EMBARGO_END, /* first time server says ok */ ASK_GREY_PASS, /* greylist server says ok */ ASK_GREY_WHITE, /* greylist server says whitelisted */ ASK_GREY_SPAM /* reported as spam to server */ } ASK_GREY_RESULT; extern u_char grey_on; extern u_char grey_query_only; extern u_int dcc_ck_qp_decode(DCC_GOT_CKS *, const char **, u_int *, char *, u_int); extern u_int dcc_ck_b64_decode(DCC_GOT_CKS *, const char **, u_int *, char *, u_int); extern int dcc_ck_url(DCC_URL_SKIP *, char, char **); #define DCC_CK_URL_MASK 0xff #define DCC_CK_URL_SHIFT 8 typedef enum { DCC_CK_URL_CHAR, /* character in URL after host name */ DCC_CK_URL_CK_LEN, /* 2nd slash */ DCC_CK_URL_HOST, /* character in URL host name */ DCC_CK_URL_DOT, /* dot in host name */ DCC_CK_URL_HOST_END, /* end of host name */ DCC_CK_URL_HOST_RESET, /* wasn't in host name after all */ DCC_CK_URL_SKIP /* shipping URL or not in URL */ } DCC_CK_URL; extern void dcc_ck_fuz1_init(DCC_GOT_CKS *); extern void dcc_ck_fuz1(DCC_GOT_CKS *, const char *, u_int); extern void dcc_ck_fuz1_fin(DCC_GOT_CKS *); extern void dcc_ck_fuz2_init(DCC_GOT_CKS *); extern void dcc_ck_fuz2(DCC_GOT_CKS *, const char *, u_int); extern void dcc_ck_fuz2_fin(DCC_GOT_CKS *); extern void dcc_wf_init(DCC_WF *, u_int); extern void dcc_wf_lock(DCC_WF *); extern void dcc_wf_unlock(DCC_WF *); extern void dcc_str2ck(DCC_SUM, const char *, u_int, const char *); extern u_char dcc_get_cks(DCC_GOT_CKS *, DCC_CK_TYPES, const char *, u_char); extern u_char dcc_ck_get_sub(DCC_GOT_CKS *, const char *, const char *); extern u_char dcc_add_sub_hdr(DCC_EMSG, const char *); extern void dcc_ck_ipv6(DCC_SUM, const struct in6_addr *); extern void dcc_get_ipv6_ck(DCC_GOT_CKS *, const struct in6_addr *); extern void dcc_unget_ip_ck(DCC_GOT_CKS *); extern u_char dcc_get_str_ip_ck(DCC_GOT_CKS *, const char *); extern const char *parse_received(const char *, DCC_GOT_CKS *, char *, int, char *, int, char *, int); extern u_char parse_return_path(const char *, char *, int); extern u_char parse_unix_from(const char *, char *, int); extern u_char parse_mail_host(const char *, char *, int); extern void dcc_print_cks(LOG_WRITE_FNC, void *, u_char, DCC_TGTS, const DCC_GOT_CKS *, DCC_CKS_WTGTS, u_char); #define PRINT_CK_TYPE_LEN 25 #define PRINT_CK_SUM_LEN 35 #define PRINT_CK_PAT_CK "%25s: %-35s" #define PRINT_CK_PAT_LIM_CK "%25.*s%c %-35.*s" #define PRINT_CK_PAT_SRVR " %7s" #define PRINT_CK_PAT_SRVR_LEN 8 #define PRINT_CK_PAT_WLIST " %5s" #define PRINT_CK_PAT_WLIST_LEN 6 #define PRINT_CK_PAT_THOLD PRINT_CK_PAT_WLIST extern void dcc_cks_init(DCC_GOT_CKS *); extern void dcc_ck_mime_hdr(DCC_GOT_CKS *, const char *, const char *); extern u_char parse_mime_hdr(DCC_GOT_CKS *, const char *, u_int, u_char); extern void dcc_ck_body(DCC_GOT_CKS *, const void *, u_int); extern void dcc_cks_fin(DCC_GOT_CKS *); extern u_char dcc_get_white(DCC_EMSG, DCC_WHITE_INX); typedef int (*DCC_PARSED_CK_FNC)(DCC_EMSG, DCC_WF *, DCC_CK_TYPES, /* type of checksum */ DCC_SUM, /* computed checksum */ DCC_TGTS); /* "OK2" etc */ typedef int (*DCC_PARSED_CK_CIDR_FNC)(DCC_EMSG, DCC_WF *, int, const struct in6_addr *, const struct in6_addr *, DCC_TGTS); extern int dcc_parse_ck(DCC_EMSG, DCC_WF *wf, const char *, DCC_CK_TYPES, const char *, DCC_TGTS, DCC_PARSED_CK_FNC, DCC_PARSED_CK_CIDR_FNC); extern int dcc_parse_hex_ck(DCC_EMSG, DCC_WF *wf, const char *, DCC_CK_TYPES, const char *, DCC_TGTS, DCC_PARSED_CK_FNC); extern const char *wf_fnm(const DCC_WF *, int); extern const char *wf_fnm_lno(DCC_FNM_LNO_BUF *, const DCC_WF *); extern DCC_TGTS dcc_str2thold(DCC_CK_TYPES, const char *); extern int dcc_parse_whitefile(DCC_EMSG, DCC_WF *, int, DCC_PARSED_CK_FNC, DCC_PARSED_CK_CIDR_FNC); typedef enum { DCC_WHITE_USE_DCC, DCC_WHITE_LISTED, DCC_WHITE_UNLISTED, DCC_WHITE_BLACK } DCC_WHITE_LISTING; typedef enum { DCC_WHITE_OK, DCC_WHITE_NOFILE, /* no ASCII file */ DCC_WHITE_CONTINUE, /* modest error or bad host name */ DCC_WHITE_COMPLAIN, /* bad hash table */ DCC_WHITE_SILENT /* no more complaints */ } DCC_WHITE_RESULT; #define DCC_WHITE_RESULT_FAILURE DCC_WHITE_UNLISTED u_char dcc_new_white_nm(DCC_EMSG, DCC_WF *, const char *); extern DCC_WHITE_RESULT dcc_rdy_white(DCC_EMSG, DCC_WF *, DCC_WF *); extern DCC_WHITE_RESULT dcc_white_sum(DCC_EMSG, DCC_WF *, DCC_CK_TYPES, const DCC_SUM, DCC_TGTS *, DCC_WHITE_LISTING *); extern u_char dcc_white_mx(DCC_EMSG, DCC_TGTS *, const DCC_GOT_CKS *); extern DCC_WHITE_RESULT dcc_white_cks(DCC_EMSG, DCC_WF *, DCC_GOT_CKS *, DCC_CKS_WTGTS, DCC_WHITE_LISTING *); typedef u_int32_t ASK_ST; #define ASK_ST_INVALID_MSG 0x00000001 /* incomplete SMTP transaction */ #define ASK_ST_QUERY 0x00000002 /* ask but do not report */ #define ASK_ST_QUERY_GREY 0x00000004 #define ASK_ST_SRVR_OK2 0x00000008 /* have honored DCC_TGTS_OK2 */ #define ASK_ST_SRVR_NOTSPAM 0x00000010 /* not spam by DCC server */ #define ASK_ST_SRVR_ISSPAM 0x00000020 /* spam by DCC server & threshold */ #define ASK_ST_REP_ISSPAM 0x00000040 /* spam by reputation & threshold */ #define ASK_ST_MTA_NOTSPAM 0x00000080 /* MTA says it is not spam */ #define ASK_ST_MTA_ISSPAM 0x00000100 /* MTA says it is spam */ #define ASK_ST_WLIST_NOTSPAM 0x00000200 /* locally whitelisted message */ #define ASK_ST_WLIST_ISSPAM 0x00000400 /* locally blacklisted message */ #define ASK_ST_CLNT_ISSPAM 0x00000800 /* report to DCC server as spam */ #define ASK_ST_GREY_EMBARGO 0x00001000 /* embargo this message */ #define ASK_ST_GREY_LOGIT 0x00002000 /* greylist logging indicated */ #define ASK_ST_LOGIT 0x00004000 /* log message for all recipients */ #define ASK_ST_DNSBL_HIT(n) (0x00008000*DNSBL_G2B(n)) /* DNSBL hit */ # define ASK_ST_DNSBL_HIT_M 0x00038000 # define ASK_ST_DNSBL_HIT_BITS(st) (((st)&ASK_ST_DNSBL_HIT_M) \ / ASK_ST_DNSBL_HIT(0)) #define ASK_ST_DNSBL_TIMEO(n) (0x00040000*DNSBL_G2B(n)) /* DNSBL timeout */ # define ASK_ST_DNSBL_TIMEO_M 0x001c0000 # define ASK_ST_DNSBL_TIMEO_BITS(st) (((st)&ASK_ST_DNSBL_TIMEO_M) \ / ASK_ST_DNSBL_TIMEO(0)) #define ASK_ST_DNSBL_TFAIL(n) (0x00200000*DNSBL_G2B(n)) # define ASK_ST_DNSBL_TFAIL_M 0x00e00000 # define ASK_ST_DNSBL_TFAIL_BITS(st) (((st)&ASK_ST_DNSBL_TFAIL_M) \ / ASK_ST_DNSBL_TFAIL(0)) extern u_char dcc_ck_grey_answer(DCC_EMSG, const DCC_OP_RESP *); extern int ask_dcc(DCC_EMSG, DCC_CLNT_CTXT *, u_char, DCC_HEADER_BUF *, DCC_GOT_CKS *, ASK_ST *, u_char, DCC_TGTS); extern u_char unthr_ask_white(DCC_EMSG, ASK_ST *, FLTR_SWS *, const char *, DCC_GOT_CKS *, DCC_CKS_WTGTS); extern u_char unthr_ask_dcc(DCC_EMSG, DCC_CLNT_CTXT*, DCC_HEADER_BUF*, ASK_ST *, DCC_GOT_CKS *, u_char, DCC_TGTS); extern void dcc_clear_tholds(void); extern u_char dcc_merge_tholds(DCC_CKSUM_THOLDS, const DCC_CKSUM_THOLDS, const DCC_WHITE_TBL *); extern void dcc_parse_honor(const char *); extern u_char dcc_parse_tholds(const char *, const char *); extern void dcc_honor_log_cnts(ASK_ST *, const DCC_GOT_CKS *, DCC_TGTS); extern FLTR_SWS wf2sws(FLTR_SWS, const DCC_WF *); extern void log_ask_st(LOG_WRITE_FNC, void *, ASK_ST, FLTR_SWS, u_char, const DCC_HEADER_BUF *); extern u_char dcc_parse_client_grey(const char *); extern ASK_GREY_RESULT ask_grey(DCC_EMSG, DCC_CLNT_CTXT *, DCC_OPS, DCC_SUM, DCC_SUM, const DCC_GOT_CKS *, const DCC_SUM, DCC_TGTS *, DCC_TGTS *, DCC_TGTS *); extern u_char dcc_parse_dnsbl(DCC_EMSG, const char *, const char *, u_char); extern const REPLY_TPLT *dnsbl_parse_reply(const char *); extern void helper_save_arg(const char *, const char *); extern void helper_init(int); extern void dcc_dnsbl_init(DCC_GOT_CKS *, DCC_CLNT_CTXT *, void *, const char *); extern void url_dnsbl(DNSBL_WORK *); extern void dcc_mail_host_dnsbl(DNSBL_WORK *, const char *); extern void dcc_client_dnsbl(DNSBL_WORK *, const struct in6_addr *, const char *); extern void dcc_dnsbl_result(ASK_ST *, DNSBL_WORK *); extern int PATTRIB(3,4) thr_log_print(void *, u_char, const char *, ...); extern int PATTRIB(2,3) thr_error_msg(void *, const char *, ...); extern void PATTRIB(2,3) thr_trace_msg(void *, const char *, ...); #endif /* DCC_CK_H */